<?php
ob_start();
session_start();
include('includes/dbconnection.php');

$uid = $_SESSION['tcADMINID'];
$email = $_POST['email'];

$TC_Email = "support@studysage.com";

if(isset($_POST['btnsubmit']))
{
	$query = mysql_query("select * from administration where Email='$email'");
	$check = mysql_num_rows($query);
	if($check == 1)
	{
		include("../includes/GenerateRandom.php");
		$q = mysql_fetch_array($query);
		$pass = generatePassword();	
		$md5pass = md5($pass);
		mysql_query("update administration set Password='$md5pass' where Email='$email'");
		
		$from = $TC_Email;
		$to = $email;
		$headers = "From: $from";
		$subject = "Reg. New Password Request";
		
		$message = "
Hello ".$q['FirstName']." ".$q['LastName'].",
		
You are receiving this email because you have requested a new password be sent for your account on www.studysage.com.

Your new password is provided below.

Password:  ".$pass."

Your user name will remain the same.

Regards,
Studysage Team.";	
		
		mail($to,$subject,$message,$headers);
		
		//header("location: forgotpass.php?_suc=1");
		echo "<script>window.location='forgotpass.php?_suc=1'</script>";
		exit;
	}
	else
	{
		//header("location: forgotpass.php?_err=1");
		echo "<script>window.location='forgotpass.php?_err=1'</script>";
		exit;
	}										   
}
?>
